Kc Udonsi (@glitchnsec)'s Twitter Profile
Kc Udonsi

@glitchnsec

Security Research and Engineering, Trainer, Musician

ID: 1034484853859909633

Link: https://glitchnsec.github.io

Date: 28-08-2018 16:56:23

215 Tweets

334 Followers

571 Following

Taszk Security Labs (@taszkseclabs)

FaultyUSB: exploiting a TOCTOU race condition bug in recovery to get root on Huawei devices by emulating a malicious USB flash drive labs.taszk.io/articles/post/…

Yarden Shafir (@yarden_shafir)

PPLs (aka "not a security boundary") are getting some new protections in Windows 11. One of them fixes a technique documented by Elastic last year where they "sandbox" Windows Defender by modifying its token: elastic.co/security-labs/…

Gabriel Landau (@gabriellandau)

Yarden Shafir Elastic It's cool to hear they implemented my mitigation. Thanks for digging into the details :) For any AV vendors reading this who want this protection on earlier versions of Windows, I PoC'd the mitigation here: github.com/elastic/PPLGua…

Xeno Kovah (@xenokovah)

🎉We passed 10k folks registered on p.ost2.fyi a little while back, and I can see we’re coming up on 11k!🥳 Thanks to everyone who spreads the word about #OST2!

Patrick Wardle (@patrickwardle)

🔖 New Blog Post: "Ironing out (the macOS details) of a Smooth Operator" The 3CX supply chain attack also impacted macOS (+was notarized by Apple🍎🤦🏻‍♂️) Read about discovering the macOS trojanization piece & uncovering its capabilities, IoCs, and more: objective-see.org/blog/blog_0x73…

Patrick Wardle (@patrickwardle)

Now there's a detailed blog post, covering this analysis of UpdateAgent 👾🔬 📝 Just posted: "Ironing out (the macOS) details of a Smooth Operator" (Part II): objective-see.org/blog/blog_0x74…

Boris Larin (@oct0xor)

We found a new zero-day (CVE-2023-28252) in Microsoft Windows used in Nokoyawa ransomware attacks securelist.com/nokoyawa-ranso…

hAPI_hacker (@hapi_hacker)

📚🔥 𝗛𝗼𝘁 Off the No Starch Press Press: "𝗕𝗹𝗮𝗰𝗸 𝗛𝗮𝘁 𝗚𝗿𝗮𝗽𝗵𝗤𝗟" 𝗯𝘆 Dolev Farhi & Nick Aleks! I just received my copy! Not only did the authors write the book, but they also designed the tools, and even created the lab that will get your hands on the keyboard! 🖥️

Xeno Kovah (@xenokovah)

📣Call for #OST2 beta testers: “Debuggers 3001: Introductory HyperDbg” (a virtualization-based debugger)📣 Sign up here forms.gle/4P2FzrPB3CnHZk… I was pleasantly surprised yesterday when Sinaei sent all the videos for this class! Which means it’s time to start beta testing!

alekum (@_alekum_)

As an OpenSecurityTraining2 HyperDbg course beta tester I can say just thx to Sinaei and Xeno Kovah. Great work to get familiar with capabilities of HyperDbg. Totally gonna redo when course officially starts.

Xeno Kovah (@xenokovah)

All the videos are done and uploaded and this class is ready to roll! If you want to be walked through the full process of patch diffing, reverse engineering, and writing a Windows kernel exploit by Cedric Halbronn, sign up today! Because tomorrow’s the last day I’m enrolling people!

James Forshaw (@tiraniddo)

My next book is finally in early-access at No Starch Press, with the goal for release at the end of 2023. More details are available at nostarch.com/windows-securi…

OpenSecurityTraining2 (@opensectraining)

📣New #OST2 class!!!📣"Debuggers 3011: Advanced WinDbg"📣 ost2.fyi/Dbg3011 This is a ~6 hour class (based on average beta tester completion time) by Cedric Halbronn from NCC Group Research & Technology

Xeno Kovah (@xenokovah)

🧵As part of my upcoming talk at SecTor (blackhat.com/sector/2023/br…) in Toronto Canada Oct 25-26, I can nominate 2 full time students to receive free passes to the conference

Sinaei (@intel80x86)

Finally, the HyperDbg course is now live at OpenSecurityTraining2! In this tutorial, I explore the potential of using HyperDbg for enhanced reverse engineering, alongside a lot of hypervisor-based reverse engineering tricks!

Xeno Kovah (@xenokovah)

The slides for the SecTor variant BT sniffing talk are here: github.com/darkmentorllc/… The new example I found and highlighted in Toronto was mero.co beacons, which are used to track janitors and see whether they clean a given location at a given time

Kc Udonsi (@glitchnsec)

Anyone know how to request a Zoho subdomain shutdown? I've observed phishers impersonating orgs and sending fake "account details" requests to customers' accounts using the Zoho Desk platform. #zohodesk #zoho #phishing

Kc Udonsi (@glitchnsec)

Just got back from DEF CON! Three things on my mind: Aerospace and Telecom security, and AI x Security research. Time to learn all the things! #defcon33